Closed Tob0t closed 9 months ago
I think the reason this is occurring here and not with Telescope is because Pulse uses Livewire.
It's not clear from the details you've provided whether the 419 is coming from Laravel, Livewire, or somewhere else though. Can you share the response body?
It's also worth noting that the middleware that you configure with Pulse get set as "persistent middleware" with Livewire, meaning that if the middleware is present on the initial non-Livewire request to /pulse
then it will also be applied on any subsequent Livewire update requests to /livewire/update
.
Thanks @jessarcher that is most likely the issue.
Response body is the following img:
or the HTML (removed the style prop):
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Page Expired</title>
</head>
<body class="antialiased">
<div class="relative flex items-top justify-center min-h-screen bg-gray-100 dark:bg-gray-900 sm:items-center sm:pt-0">
<div class="max-w-xl mx-auto sm:px-6 lg:px-8">
<div class="flex items-center pt-8 sm:justify-start sm:pt-0">
<div class="px-4 text-lg text-gray-500 border-r border-gray-400 tracking-wider">419 </div>
<div class="ml-4 text-lg text-gray-500 uppercase tracking-wider">Page Expired </div>
</div>
</div>
</div>
</body>
</html>
So its coming from Livewire true, since I never worked with Livewire, is there a way to tweak the authentication check of it to also accept cookie authorization?
Regarding the "persistent middleware": thanks for the info, however this middleware is just forwarding the request, when there is already a token-cookie appended
I believe it's because you don't have the web
middleware which creates the session needed for Livewire to validate update requests.
See https://github.com/livewire/livewire/discussions/4959 for some other potential solutions if adding the web
middleware doesn't solve it.
Hey there,
We're closing this issue because it's inactive, already solved, old or not relevant anymore. Feel free to open up a new issue if you're still experiencing this problem.
Pulse Version
1.0@beta
Laravel Version
10.37.3
PHP Version
8.2.12
Livewire Version
3.3.0
Database Driver & Version
No response
Description
Working with a JWT auth worked perfectly with telescope by using the custom middleware described in https://github.com/laravel/telescope/issues/592 However, when applying the same for pulse I always get a 419 response with the response that the page has expired. I guess it has smth todo with the XSRF token, but I cannot find the location where to inject it. I did the same setup like for telescope but could not find a working solution. Any ideas?
Steps To Reproduce
1) Create custom middleware:
2) adapt config
pulse.php
3) Visit http://localhost/pulse?token={jwt-token}
4) Error 419:
Instructions taken from https://github.com/laravel/telescope/issues/592